# Test-ADCredential.ps1
Verify Active Directory credentials

This function takes a user name and a password as input and will verify if the combination is correct. The function returns a boolean based on the result.

Name: Test-ADCredential
Author: Jaap Brasser
Version: 1.0
DateUpdated: 2013-05-10

The samaccountname of the Active Directory user account
The password of the Active Directory user account

Test-ADCredential -username jaapbrasser -password Secret01

Verifies if the username and password provided are correct, returning either true or false based on the result
function Test-ADCredential {
    if (!($UserName) -or !($Password)) {
        Write-Warning 'Test-ADCredential: Please specify both user name and password'
    } else {
        Add-Type -AssemblyName System.DirectoryServices.AccountManagement
        $DS = New-Object System.DirectoryServices.AccountManagement.PrincipalContext('domain')
        $DS.ValidateCredentials($UserName, $Password)

try{ $testADCredential = $null; $testADCredential = Get-Credential } catch { $testADCredential = $null;  }
if($testADCredential -ne $null) { Test-ADCredential -UserName "$($testADCredential.UserName)" -Password "$($testADCredential.GetNetworkCredential().password)"; }

pause; return;

Active Directory account locking out after password reset

Several end-users account locking out after recently resetting their domain password.

Our domain policy is lockout Threshold 3 attempts. They are getting locked out after 1 try. Once the user logs in, any network or domain resources they try to get to prompt them for their credentials because they are locked out. Their domain account shows locked in AD as well.

Continue reading “Active Directory account locking out after password reset”